VIRY.CZ

Logfile of random's system information tool 1.08 (written by random/random)
Run by Admin at 2011-04-01 19:37:35
Microsoft Windows 7 Ultimate
System drive C: has 351 GB (75%) free of 470 GB
Total RAM: 2046 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:37:44, on 1. 4. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Lexmark 5200 Series\lxbtmon.exe
C:\Program Files\Lexmark 5200 Series\ezprint.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\CyberLink\Shared Files\brs.exe
C:\Program Files\n52te\razerhid.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\n52te\razertra.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Creative\Software Update 3\SoftAuto.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\Admin\Desktop\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.garena.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin1.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin1.dll
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [lxbtmon.exe] "C:\Program Files\Lexmark 5200 Series\lxbtmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5200 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXBTCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [Jomantha] C:\Program Files\n52te\razerhid.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NI Background Service] C:\Program Files\National Instruments\Shared\Update Service\niupdate.exe
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.sk/sk.special-uninstalla ... er=9.0.872
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Use ViDown to download - C:\Program Files\ViDown\vd_link.htm
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\Program Files\Stardock\Object Desktop\DeskScapes3\deskscapes.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\Windows\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\system32\lktsrv.exe
O23 - Service: lxbt_device - - C:\Windows\system32\lxbtcoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corporation - C:\Windows\system32\nisvcloc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 11683 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Uniblue SpeedUpMyPC Nag.job
C:\Windows\tasks\Uniblue SpeedUpMyPC.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin1.dll [2010-12-27 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2011-01-10 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTo1.dll [2010-12-27 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTo1.dll [2010-12-27 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin1.dll [2010-12-27 3911776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2009-10-02 90112]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"lxbtmon.exe"=C:\Program Files\Lexmark 5200 Series\lxbtmon.exe [2007-05-03 230320]
"EzPrint"=C:\Program Files\Lexmark 5200 Series\ezprint.exe [2007-05-03 103344]
"LXBTCATS"=rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16 []
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-02-08 8505888]
"reset"=regedit /s reset.reg []
"CTCheck"=C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe [2007-11-06 397312]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-05-15 204800]
"RemoteControl9"=C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-02-16 87336]
"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2008-10-13 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-02-28 75048]
"Jomantha"=C:\Program Files\n52te\razerhid.exe [2007-12-12 163840]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2011-03-15 2071904]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2011-02-19 180269]
"NI Background Service"=C:\Program Files\National Instruments\Shared\Update Service\niupdate.exe [2010-08-10 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.sk/sk.special-uninstalla ... er=9.0.872 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2009-03-11 2912256]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-12-19 395640]
"CTSyncU.exe"=C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe [2007-07-17 868352]
"Steam"=C:\Program Files\Steam\Steam.exe [2010-11-17 1242448]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"SoftAuto.exe"=C:\Program Files\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\Program Files\Stardock\Object Desktop\DeskScapes3\deskscapes.dll [2009-11-03 103728]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2011-03-31 18:57:58 ----D---- C:\rsit
2011-03-31 18:57:58 ----D---- C:\Program Files\trend micro
2011-03-28 14:21:16 ----A---- C:\Windows\system32\drivers\cpuz135_x32.sys
2011-03-28 14:21:15 ----D---- C:\Program Files\CPUID
2011-03-24 08:37:49 ----D---- C:\Program Files\Dragon Age 2
2011-03-16 14:22:58 ----D---- C:\Users\Admin\AppData\Roaming\PunkBuster
2011-03-16 11:30:57 ----D---- C:\Windows\FLV Player
2011-03-16 11:30:57 ----D---- C:\Program Files\FLV Player
2011-03-15 11:13:36 ----HD---- C:\ProgramData\Common Files
2011-03-05 11:44:37 ----D---- C:\Users\Admin\AppData\Roaming\National Instruments
2011-03-05 11:35:56 ----D---- C:\Program Files\HI-TECH Software
2011-03-05 11:29:34 ----D---- C:\Windows\system32\cvirte
2011-03-05 11:29:34 ----D---- C:\Program Files\Common Files\Merge Modules
2011-03-05 11:29:06 ----D---- C:\Program Files\National Instruments
2011-03-05 11:26:39 ----D---- C:\ProgramData\National Instruments
2011-03-05 11:25:49 ----D---- C:\National Instruments Downloads

======List of files/folders modified in the last 1 months======

2011-04-01 19:37:44 ----D---- C:\Windows\Temp
2011-04-01 19:37:44 ----D---- C:\Windows\Prefetch
2011-04-01 19:37:05 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2011-04-01 19:37:02 ----D---- C:\Users\Admin\AppData\Roaming\skypePM
2011-04-01 19:36:38 ----D---- C:\Windows\system32\config
2011-04-01 19:36:27 ----D---- C:\Users\Admin\AppData\Roaming\uTorrent
2011-04-01 19:36:00 ----D---- C:\Users\Admin\AppData\Roaming\Hamachi
2011-04-01 19:35:59 ----D---- C:\Program Files\Steam
2011-04-01 15:42:09 ----D---- C:\Program Files\Garena
2011-04-01 14:15:51 ----D---- C:\Windows\System32
2011-04-01 14:15:51 ----D---- C:\Windows\inf
2011-04-01 14:15:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-01 14:13:44 ----D---- C:\Windows\system32\drivers\Avg
2011-04-01 07:12:05 ----D---- C:\Windows\Downloaded Program Files
2011-03-31 21:15:32 ----D---- C:\Users\Admin\AppData\Roaming\ICQ
2011-03-31 19:58:42 ----D---- C:\Program Files\Lx_cats
2011-03-31 19:58:41 ----HD---- C:\ProgramData
2011-03-31 18:57:58 ----RD---- C:\Program Files
2011-03-30 21:28:40 ----D---- C:\Windows\system32\catroot2
2011-03-30 17:19:41 ----D---- C:\Windows\system32\NDF
2011-03-28 14:21:20 ----D---- C:\Windows\system32\drivers
2011-03-27 18:07:23 ----D---- C:\Users\Admin\AppData\Roaming\Adobe
2011-03-26 12:38:08 ----A---- C:\Windows\NeroDigital.ini
2011-03-24 08:43:30 ----SHD---- C:\Windows\Installer
2011-03-24 08:43:00 ----RSD---- C:\Windows\assembly
2011-03-24 08:42:11 ----D---- C:\Program Files\Common Files\BioWare
2011-03-22 19:42:37 ----D---- C:\Windows\Minidump
2011-03-22 19:42:37 ----D---- C:\Windows
2011-03-22 19:37:17 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-22 19:37:14 ----D---- C:\ProgramData\Ulead Systems
2011-03-22 19:36:10 ----D---- C:\Program Files\Common Files\Ulead Systems
2011-03-22 19:34:10 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-03-22 19:33:26 ----RSD---- C:\Windows\Fonts
2011-03-22 19:33:00 ----D---- C:\Program Files\Ubisoft
2011-03-22 19:28:06 ----D---- C:\Program Files\Electronic Arts
2011-03-22 19:26:36 ----A---- C:\Windows\system32\Dvbpws.dll
2011-03-22 19:24:01 ----D---- C:\Program Files\softendo.com
2011-03-22 19:23:44 ----D---- C:\Windows\system32\Tasks
2011-03-22 19:21:08 ----D---- C:\Windows\system32\appmgmt
2011-03-17 17:56:03 ----D---- C:\Program Files\DsNET Corp
2011-03-16 14:24:42 ----D---- C:\ProgramData\Ubisoft
2011-03-05 11:29:34 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSErHrw7x;AVG9IDSErHr; C:\Windows\System32\Drivers\AVGIDSwx.sys [2011-01-10 25168]
R0 AvgRkx86;avgrkx86.sys; C:\Windows\System32\Drivers\avgrkx86.sys [2011-01-10 52872]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-05-02 691696]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\Windows\system32\DRIVERS\Amfilter.sys [2007-05-15 9216]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2011-01-10 24856]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2011-01-10 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2011-01-10 29584]
R1 AvgTdiX;AVG Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2011-01-10 243024]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/11/06 16:54:51]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl [2009-02-28 87536]
R2 BT848;WinFast TV2000 XP WDM Video Capture; C:\Windows\system32\drivers\wf2kvcap.sys [2006-04-20 59776]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x32.sys [2011-01-19 22504]
R2 cvintdrv;cvintdrv; C:\Windows\system32\drivers\cvintdrv.sys [2009-05-29 4096]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-09-29 25888]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner; C:\Windows\system32\drivers\wf2ktunr.sys [2006-04-20 19456]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar; C:\Windows\system32\drivers\wf2kxbar.sys [2006-04-20 9600]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\Windows\system32\DRIVERS\Amusbprt.sys [2007-05-15 14336]
R3 AVGIDSDriverw7x;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSDriver.sys [2011-01-10 122448]
R3 AVGIDSFilterw7x;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSFilter.sys [2011-01-10 30288]
R3 AVGIDSShimw7x;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSShim.sys [2011-01-10 20560]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-09-05 25280]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-02-08 3019232]
R3 JmtFltr;n52te; C:\Windows\System32\Drivers\JmtFltr.sys [2007-09-27 48896]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-11-13 58368]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
R3 vhidmini;Virtual Hid Device; C:\Windows\system32\DRIVERS\vhidmini.sys [2007-09-19 12672]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-09-29 279712]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 aljv3w30;aljv3w30; C:\Windows\system32\drivers\aljv3w30.sys []
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\Admin\AppData\Local\Temp\JEH9BE4.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 moufiltr;Tablet Mouse Filter Driver; C:\Windows\system32\DRIVERS\moufiltr.sys [2009-03-08 6144]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-09-04 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-09-04 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-09-04 24832]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2011-01-10 921952]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2011-01-10 308136]
R2 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe [2011-01-10 2331544]
R2 AVGIDSAgent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-01-10 5897808]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LkCitadelServer;Lookout Citadel Server; C:\Windows\system32\lkcitdl.exe [2009-09-29 695136]
R2 lkClassAds;National Instruments PSP Server Locator; C:\Windows\system32\lkads.exe [2010-03-10 43056]
R2 lkTimeSync;National Instruments Time Synchronization; C:\Windows\system32\lktsrv.exe [2010-03-10 53808]
R2 lxbt_device;lxbt_device; C:\Windows\system32\lxbtcoms.exe [2007-05-03 537520]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [2010-03-10 358448]
R2 niSvcLoc;NI Service Locator; C:\Windows\system32\nisvcloc.exe [2009-10-20 13896]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-24 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-12-12 85096]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-18 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-11-15 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-08 1343400]
S4 NILM License Manager;NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2010-05-17 1007616]

-----------------EOF-----------------

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verzia databázy: 5363

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2. 4. 2011 11:55:48
mbam-log-2011-04-02 (11-55-44).txt

Typ kontroly: Úplná kontrola (C:\|D:\|E:\|F:\|)
Objektov kontrolovaných: 352637
Uplynutý čas: 52 min, 44 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 1
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 6

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
c:\$Recycle.Bin\s-1-5-21-1200621126-690518390-2965904650-1000\$RGZX6KH.exe (Malware.Packer.Gen) -> No action taken.
c:\program files\electronic arts\medal of honor\Binaries\loader.dll (Riskware.Tool.CK) -> No action taken.
d:\Programy\ulead video studio v11 + keygen\ulead_videostudio_v11_plus_with_keygen_cd1\Crack\keygen.exe (Riskware.Tool.CK) -> No action taken.
f:\dokumentárne filmy\aktivátor windows.exe (Hacktool.ChewWGA) -> No action taken.
f:\dokumentárne filmy\new windows 7 activator [2010] [blaze69]\new windows 7 activator [2010]\removewat.exe (HackTool.Wpakill) -> No action taken.
f:\Hry\aktivátor windows.exe (Hacktool.ChewWGA) -> No action taken.